Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1266

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-1266
Last Modified 18 Jul 2011 10:44:28
Published 16 Jun 2011 04:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1266

Summary

The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "VML Memory Corruption Vulnerability."

Vulnerable Systems

Application

  • Microsoft Ie 6

  • Microsoft Ie 7

  • Microsoft Ie 8


References

MS - MS11-052


Last Updated: 27 May 2016 10:56:14